Cross Site Scripting (XSS) Vulnerability in Wekan v6.84 and Earlier
CVE-2023-31779 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Wekan v6.84 and earlier is vulnerable to Cross Site Scripting (XSS). An attacker with user privilege on kanban board can insert JavaScript code in in "Reaction to comment" feature.
Learn more about our User Device Pen Test.